Apache

Camel

28 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.5

CVE-2025-30177

  • EPSS 0.16%
  • Published 01.04.2025 12:15:15
  • Last modified 15.04.2025 13:00:12

Bypass/Injection vulnerability in Apache Camel in Camel-Undertow component under particular conditions. This issue affects Apache Camel: from 4.10.0 before 4.10.3, from 4.8.0 before 4.8.6. Users are recommended to upgrade to version 4.10.3 for 4.10...

4.8

CVE-2025-29891

Exploit
  • EPSS 0.13%
  • Published 12.03.2025 14:42:59
  • Last modified 02.04.2025 20:37:07

Bypass/Injection vulnerability in Apache Camel. This issue affects Apache Camel: from 4.10.0 before 4.10.2, from 4.8.0 before 4.8.5, from 3.10.0 before 3.22.4. Users are recommended to upgrade to version 4.10.2 for 4.10.x LTS, 4.8.5 for 4.8.x LTS a...

5.6

CVE-2025-27636

Exploit
  • EPSS 33.09%
  • Published 09.03.2025 13:15:34
  • Last modified 23.06.2025 18:54:52

Bypass/Injection vulnerability in Apache Camel components under particular conditions. This issue affects Apache Camel: from 4.10.0 through <= 4.10.1, from 4.8.0 through <= 4.8.4, from 3.10.0 through <= 3.22.3. Users are recommended to upgrade to v...

7.5

CVE-2024-22371

  • EPSS 0.44%
  • Published 26.02.2024 16:27:56
  • Last modified 25.04.2025 18:56:25

Exposure of sensitive data by by crafting a malicious EventFactory and providing a custom ExchangeCreatedEvent that exposes sensitive data. Vulnerability in Apache Camel.This issue affects Apache Camel: from 3.21.X through 3.21.3, from 3.22.X through...

9.8

CVE-2024-23114

  • EPSS 0.83%
  • Published 20.02.2024 15:15:10
  • Last modified 02.04.2025 20:19:16

Deserialization of Untrusted Data vulnerability in Apache Camel CassandraQL Component AggregationRepository which is vulnerable to unsafe deserialization. Under specific conditions it is possible to deserialize malicious payload.This issue affects Ap...

7.8

CVE-2024-22369

  • EPSS 3.56%
  • Published 20.02.2024 15:15:10
  • Last modified 02.04.2025 20:17:04

Deserialization of Untrusted Data vulnerability in Apache Camel SQL ComponentThis issue affects Apache Camel: from 3.0.0 before 3.21.4, from 3.22.0 before 3.22.1, from 4.0.0 before 4.0.4, from 4.1.0 before 4.4.0. Users are recommended to upgrade to ...

3.3

CVE-2023-34442

  • EPSS 0.04%
  • Published 10.07.2023 16:15:52
  • Last modified 21.11.2024 08:07:15

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Apache Software Foundation Apache Camel.This issue affects Apache Camel: from 3.X through <=3.14.8, from 3.18.X through <=3.18.7, from 3.20.X through <= 3.20.5, from 4.X thro...

7.5

CVE-2020-11994

  • EPSS 1.55%
  • Published 08.07.2020 16:15:11
  • Last modified 21.11.2024 04:59:04

Server-Side Template Injection and arbitrary file disclosure on Camel templating components

9.8

CVE-2020-11973

  • EPSS 8.42%
  • Published 14.05.2020 17:15:12
  • Last modified 21.11.2024 04:59:01

Apache Camel Netty enables Java deserialization by default. Apache Camel 2.22.x, 2.23.x, 2.24.x, 2.25.0, 3.0.0 up to 3.1.0 are affected. 2.x users should upgrade to 2.25.1, 3.x users should upgrade to 3.2.0.

9.8

CVE-2020-11972

  • EPSS 8.39%
  • Published 14.05.2020 17:15:12
  • Last modified 21.11.2024 04:59:01

Apache Camel RabbitMQ enables Java deserialization by default. Apache Camel 2.22.x, 2.23.x, 2.24.x, 2.25.0, 3.0.0 up to 3.1.0 are affected. 2.x users should upgrade to 2.25.1, 3.x users should upgrade to 3.2.0.